---
- branch: MAIN
  date: Thu Nov 29 13:50:39 UTC 2018
  files:
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/devel/ruby-activemodel42/distinfo
    pathrev: pkgsrc/devel/ruby-activemodel42/distinfo@1.3
    type: modified
  id: 20181129T135039Z.519f002a8d0ece4049e79c672335ef33d6b735fe
  log: |
    devel/ruby-activejob42: update to 4.2.11

    ## Rails 4.2.11 (November 27, 2018) ##

    *   Do not deserialize GlobalID objects that were not generated by Active Job.

        Trusting any GlobaID object when deserializing jobs can allow attackers to access
        information that should not be accessible to them.

        Fix CVE-2018-16476.

        *Rafael Mendonå·½a Franå·½a*
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/devel/ruby-activemodel42'
  unixtime: '1543499439'
  user: taca